The keygen tag was used to generate a key-pair (public/private key) as part of a form to facilitate client-side certificate generation and authentication. It would create a control that allows users to generate a cryptographic key pair and submit the public key to the server.
Basic Usage:
<form action="/register" method="post">
<label for="keygen">Generate a key:</label>
<keygen name="security_key" id="keygen">
<input type="submit" value="Submit">
</form>
- The browser would generate a public/private key pair when the form is submitted.
- The private key is stored on the client side (usually in the browser or OS certificate store).
- The public key is sent to the server.
Important Notes:
- The
<keygen>element is deprecated and removed from many modern browsers due to security and compatibility concerns. - It is not recommended for use in new projects.
- The W3C HTML standard has removed it.
- Modern applications use other methods for client certificate generation and authentication.
Alternatives:
- Use JavaScript libraries for cryptographic key generation (e.g., Web Crypto API).
- Use TLS client certificates managed outside of HTML forms.
- Use OAuth or other secure authentication flows instead.